package com.qiandw.security

import java.util

import org.springframework.security.access.{AccessDecisionManager, AccessDeniedException, ConfigAttribute}
import org.springframework.security.core.Authentication
import org.springframework.stereotype.Component

import scala.collection.JavaConverters._

@Component
class MemberAccessDecisionManager extends AccessDecisionManager {

  override def decide(authentication: Authentication, o: scala.Any, attrs: util.Collection[ConfigAttribute]): Unit = {

    if (attrs == null || attrs.size() == 0) return

    attrs.asScala.foreach(x => {
      authentication.getAuthorities.asScala.foreach(o => {
        if (o.getAuthority == "ROLE_" + x.getAttribute) return
      })
    })

    throw new AccessDeniedException("no right")
  }

  override def supports(configAttribute: ConfigAttribute): Boolean = true

  override def supports(aClass: Class[_]): Boolean =  true
}
